ipsec with dynamic IP

Maciej Milewski milu at dat.pl
Wed Sep 29 13:58:49 UTC 2010


On Wednesday 29 September 2010 15:11:30, claudiu vasadi wrote:
> Hello fellas,
> 
> I have 2x 8.1-RELEASE machines and I need to create a vpn between them.
> I've been reading the handbook on this subject and following the example
> there, I was able to establish a link.
> 
> The only problem is that both my machines have dynamic (external) IP.
> 
> My way of "solving" this little issue would be to create a script that
> would check each machine for a new external IP and if it finds it, replace
> it wherever it is needed (gif interface, racoon conf. file)
> 
> My question to you is if there is another, cleaner, way of achieving this
> and if any of you faced the same situation, how did you come to solve it ?
If you are not bound to IPSEC I think you could use OpenVPN and some kind of 
dyndns service. I haven't set up this between two servers although I'm 
successfuly using it in client-server mode and it works fine. 

> Also, is there a way to make the gif interface persistent over reboots ? I
> couldn;t find any so again, a script comes to mind.
Maybe cloned_interfaces or gif_interfaces in rc.conf would help?
Regards,
Maciej Milewski


More information about the freebsd-questions mailing list